EC2 InstanceForge: Crafted by Tarun Nayak


What is Amazon EC2?

Amazon EC2 (Elastic Compute Cloud) is one of the core services offered by AWS and sits at the heart of modern cloud computing. It delivers Infrastructure as a Service (IaaS) — allowing users to rent virtual servers on demand and scale them as needed.

At its core, EC2 replaces the need for physical servers with scalable, secure, and cost-efficient virtual machines.

AWS EC2 is widely adopted because it gives developers, startups, and enterprises the flexibility to:

  • Launch virtual machines in minutes

  • Store data on connected drives

  • Auto-scale resources based on demand

  • Integrate with other AWS services seamlessly

Whether you're deploying a single app or running large-scale systems, EC2 is the foundation you’ll likely build on.

Key Components of EC2

1. Renting Virtual Machines (Instances)

You don’t need to buy hardware. With EC2, you can launch a virtual machine (instance) within seconds. Choose from various instance types based on CPU, memory, or GPU needs.

2. Storing Data with EBS (Elastic Block Store)

EC2 instances use EBS volumes for persistent storage — similar to a hard drive. Your data stays safe even if the instance is stopped or restarted.

3. Distributing Load with ELB (Elastic Load Balancer)

As your application grows, you’ll need to handle more users. ELB automatically distributes traffic across multiple EC2 instances.

EC2 Sizing & Configuration: Building Your Ideal Instance

Once you've decided to launch an EC2 instance, the next step is choosing how it’s configured. AWS gives you full flexibility to define the instance based on your workload needs.

Operating System (OS)

Choose the OS your application needs:

  • Linux (Ubuntu, Amazon Linux, etc.) – great for web servers, open-source tools.

  • Windows – for .NET applications, Windows-based software.

  • macOS – used for Apple-based development (like iOS app builds).

Compute Power (vCPU)

You get to choose how much processing power (virtual CPUs) your instance should have.
Need more performance? Choose a compute-optimized instance.
Just testing something lightweight? Go with a t2.micro or similar.

Memory (RAM)

Each instance type offers different RAM sizes. More memory is ideal for:

  • Applications with heavy in-memory caching

  • Databases

  • Large-scale data processing

Storage Options

Decide where and how your data is stored:

  • EBS (Elastic Block Store): Network-attached storage that persists even if your instance stops.

  • EFS (Elastic File System): Shared file storage for multiple instances.

  • Instance Store: Temporary, high-speed hardware storage directly on the host — data is lost when the instance stops.

Networking & IP Settings

  • Network Card: Choose network performance based on bandwidth needs.

  • Public IP: Assign one if your instance needs to be accessible from the internet.

Firewall Rules: Security Groups

Think of these as your instance-level firewall. You define:

  • Which ports are open (like 22 for SSH, 80 for HTTP)

  • Which IPs are allowed to connect

This protects your EC2 from unwanted access.

EC2 User Data: Bootstrap Script

At launch time, you can pass a User Data script (Shell script for Linux, PowerShell for Windows) to automatically:

  • Install software

  • Update the system

  • Configure applications

This is perfect for automating setup on first boot.

Automating with EC2 User Data

One of the most powerful features of Amazon EC2 is the ability to bootstrap your instances using an EC2 User Data script.

But what exactly is bootstrapping? It means running a series of commands automatically as soon as your EC2 instance launches for the first time.

🛠️ What You Can Do with EC2 User Data

The EC2 User Data script helps you save time and ensure consistency by automating initial setup tasks. Some examples include:

  • Installing system updates to keep the machine secure and up to date.

  • Installing required software (e.g., web servers, database systems).

  • Downloading files from remote locations for configuration or usage.

  • Custom tasks, like configuring applications or environment variables.

Key Features of EC2 User Data

  • Runs Once: The script executes only during the first instance launch.

  • Root Privileges: The script runs with root permissions, allowing you to install or modify anything on the instance.

  • Flexibility: You can include any shell commands or scripts that suit your application needs.

Example: Simple EC2 User Data Script

Here’s a basic example for a Linux-based EC2 instance to install and start a web server:

#!/bin/bash
# Use this whole script, top to bottom, as the instance's user data
# Install and start httpd (Amazon Linux 2 version)
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>Hello from Tarun $(hostname -f)</h1>" > /var/www/html/index.html

Paste this script into the User data field under Advanced details before launching the EC2 instance.

How do you check whether it is working?

Copy the instance's public IP address, paste it into any web browser with http:// in front of it, and check that the page loads.

Why Use EC2 User Data?

The ability to automate boot tasks simplifies repetitive processes, improves deployment speed, and ensures a consistent environment every time you launch an instance.

Types of EC2 Instances

  • General Purpose

  • Compute Optimized

  • Memory Optimized

  • Accelerated Computing

  • Storage Optimized

  • HPC Optimized

General Purpose

General Purpose EC2 instances are designed to handle a wide range of workloads efficiently. They offer a balanced mix of:

  • Compute power

  • Memory

  • Networking

This balance makes them ideal for tasks that don’t require specialized hardware but still need dependable, consistent performance.

When to Use General Purpose Instances:

  • Hosting web servers

  • Running development environments

  • Deploying code repositories

  • Lightweight databases or small applications

Example: t2.micro

In most tutorials and hands-on AWS courses, you'll often start with t2.micro. It’s part of the free tier, lightweight, and perfect for:

  • Practicing AWS

  • Running test apps

  • Learning instance management

Compute Optimized

Compute Optimized EC2 instances are purpose-built for workloads that demand high-performance processors. These instances provide more CPU power relative to memory, making them ideal for compute-heavy tasks.

Best Use Cases:

  • Batch Processing Workloads

  • Media Transcoding

  • High-Performance Web Servers

  • Scientific Modeling & Machine Learning

  • Dedicated Gaming Servers

  • High Performance Computing (HPC)

Why Use Compute Optimized Instances?

If your application relies heavily on CPU cycles rather than RAM or disk speed, these instances deliver superior speed and cost-efficiency for that specific use case.

Memory Optimized

Memory Optimized instances are designed to deliver fast performance for workloads that require large memory allocation and need to process data in-memory rather than on disk.

These instances are ideal when your application is more memory-hungry than CPU-intensive.

Best Use Cases:

  • High-performance relational or non-relational databases

  • Distributed, web-scale cache stores (like Redis or Memcached)

  • In-memory databases optimized for business intelligence (BI)

  • Real-time processing of large volumes of unstructured big data

Why Use Memory Optimized Instances?

These are perfect for data-heavy apps that rely on speed, real-time analytics, and low-latency access to large datasets.

EC2 Instance Types – Storage Optimized

Storage Optimized EC2 instances are built for high-throughput, low-latency access to large datasets stored locally. These instances offer fast, high-capacity storage ideal for read/write-intensive operations.

They use locally attached NVMe or SSD storage to handle demanding storage workloads efficiently.

Best Use Cases:

  • High-frequency OLTP (Online Transaction Processing) systems

  • Relational and NoSQL databases with heavy I/O demands

  • In-memory cache backing (e.g., Redis on disk)

  • Data warehousing applications

  • Distributed file systems like Hadoop or GlusterFS

Why Use Storage Optimized Instances?

If your workload demands fast disk access with large-scale data reads/writes, these instances offer the local disk performance that EBS volumes may not match.

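| Instance | vCPU | Memory (GiB) | Storage | Network Performance | EBS Bandwidth (Mbps) |
|---|---|---|---|---|---|
| t2.micro | 1 | 1 | EBS-Only | Low to Moderate | |
| t2.xlarge | 4 | 16 | EBS-Only | Moderate | |
| c5d.4xlarge | 16 | 32 | 1 x 400 NVMe SSD | Up to 10 Gbps | 4,750 |
| r5.16xlarge | 64 | 512 | EBS-Only | 20 Gbps | 13,600 |
| m5.8xlarge | 32 | 128 | EBS-Only | 10 Gbps | 6,800 |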

Quick Tips:

  • t2 instances are good for beginners and low-usage apps.

  • c5d is compute optimized with fast local SSD storage.

  • r5 is memory optimized for big databases.

  • m5 balances compute and memory for general purpose workloads.

Understanding EC2 Security Groups

Security Groups in AWS act as virtual firewalls for your EC2 instances. They control inbound and outbound traffic and play a critical role in securing your cloud infrastructure.

Think of them as traffic rules for your instances — if something isn’t allowed by the rules, it doesn’t even reach the server.

Key Facts About Security Groups:

  • Reusable: A single security group can be attached to multiple EC2 instances.

  • Scoped to Region/VPC: Security groups are tied to a specific region and VPC combination.

  • External Layer of Security: They sit outside the instance — if a request is blocked, the instance won’t even detect it.

  • Stateful: If you allow incoming traffic on a port, the response traffic is automatically allowed back out.

  • By Default:

    • All inbound traffic is blocked.

    • All outbound traffic is allowed.

Common Scenarios:

  • Timeout error? → Usually a Security Group issue (port not open).

  • Connection refused? → The app may not be running or is misconfigured.

Pro Tip:

Maintain a dedicated security group just for SSH access (port 22). This keeps your login rules clean, auditable, and easy to manage.

Classic Ports You Should Know

When configuring Security Groups or working with EC2 networking, it’s crucial to understand which ports need to be open based on your use case. These are the most commonly used ports for connectivity and services:

| Port | Protocol/Service | Use Case |
|---|---|---|
| 22 | SSH (Secure Shell) | Log into a Linux EC2 instance |
| 21 | FTP (File Transfer Protocol) | Upload files to a file share |
| 22 | SFTP (Secure File Transfer Protocol) | Secure file upload using SSH |
| 80 | HTTP (Hypertext Transfer Protocol) | Access unsecured websites |
| 443 | HTTPS (HTTP Secure) | Access secured websites (encrypted) |
| 3389 | RDP (Remote Desktop Protocol) | Log into a Windows EC2 instance |

Note: When opening ports in Security Groups, only allow what's absolutely necessary for your application. Avoid exposing ports like 21 or 3389 unless required — and always restrict access to trusted IPs.

EC2 Instance Purchasing Options

Amazon EC2 offers multiple pricing models to suit different types of workloads and budgets. Choosing the right one depends on how long you need the instance, how predictable your usage is, and how much flexibility you want.

1. On-Demand Instances

  • Best for short-term, unpredictable workloads

  • Pay per second (Linux), no upfront cost

  • Ideal for testing, development, and initial launches

2. Reserved Instances (1 or 3 Years)

  • Best for long-term, steady workloads

  • Significant discount over On-Demand pricing

  • Standard Reserved Instances: Locked to specific instance type

  • Convertible Reserved Instances: More flexible — switch instance families

3. Savings Plans (1 or 3 Years)

  • Commit to a consistent amount of usage (e.g., $100/month)

  • Greater flexibility than Reserved Instances

  • Works across instance types and regions

4. Spot Instances

  • Massive cost savings (up to 90% off)

  • Best for short-lived, flexible workloads

  • Instance can be terminated anytime if capacity is needed elsewhere

  • Great for: batch jobs, CI/CD, stateless web servers

5. Dedicated Hosts

  • Reserve an entire physical server

  • Full control over instance placement

  • Useful for software that needs per-socket or per-core licensing

6. Dedicated Instances

  • Your hardware is not shared with other AWS customers

  • Offers more isolation than regular EC2

  • Less control than Dedicated Hosts, but easier to manage

7. Capacity Reservations

  • Reserve EC2 capacity in a specific Availability Zone

  • Useful for event-based scaling or disaster recovery

  • Can be combined with Savings Plans for cost benefits

Tip: Start with On-Demand or Free Tier, then evaluate Reserved Instances or Savings Plans as your usage becomes more predictable.

EC2 On-Demand: Pay-As-You-Go Flexibility

On-Demand Instances are the most flexible purchasing option in EC2 — you simply pay for what you use, with no long-term commitments or upfront costs.

This model is perfect for experimentation, unpredictable workloads, or short-term projects.

Billing Details:

  • Linux/Windows → Billed per second after the first minute

  • Other OS (e.g., macOS) → Billed per hour

Key Characteristics:

  • No upfront payment

  • Highest hourly cost among all EC2 pricing models

  • No long-term commitment required

  • Start and stop instances anytime, only pay for running time

When to Use:

  • Short-term, uninterrupted workloads

  • Testing, prototyping, or staging environments

  • Workloads where you can’t predict usage in advance

Tip: Ideal for beginners or new projects before switching to Reserved Instances or Savings Plans once your usage becomes consistent.

EC2 Dedicated Hosts: Full Hardware Control

A Dedicated Host is a physical server with EC2 capacity entirely dedicated to you. This is the most powerful (and expensive) option, offering maximum control and compliance.

Key Features:

  • One customer per host — no sharing with others

  • Helps meet regulatory and compliance requirements

  • Supports BYOL (Bring Your Own License) for server-bound software

Pricing:

  • On-Demand: Pay per second while the host is active

  • Reserved: 1 or 3 years with flexible payment options (No, Partial, or All Upfront)

Best For:

  • Enterprises with strict compliance needs

  • Workloads with complex software licensing requirements

EC2 Dedicated Instances: Isolated, But Flexible

Dedicated Instances are EC2 instances that run on hardware dedicated to your account, but with less control than Dedicated Hosts.

Key Features:

  • No other customers share your hardware

  • May still move across physical servers (e.g., after Stop/Start)

  • No control over specific server placement

Use Case:

  • When you need instance-level isolation, but don’t need full host-level control

EC2 Capacity Reservations: Guaranteed Capacity, On-Demand Style

Capacity Reservations let you reserve EC2 capacity in a specific Availability Zone (AZ) without any long-term commitment.

Key Features:

  • Guarantees instance availability in a particular AZ

  • No time lock-in — create or cancel anytime

  • Charged at On-Demand rates, even if instances aren't running

Best For:

  • Workloads with short-term bursts that must run in a specific AZ

  • Disaster recovery, scaling events, or critical availability requirements

Combine with Savings Plans or Reserved Instances to reduce billing while maintaining availability.

Shared Responsibility Model for EC2

In AWS, security and compliance is a shared responsibility between AWS and you (the customer). Understanding who handles what is essential when running EC2 instances.

Here’s a breakdown of the responsibilities:

AWS is responsible for:

  • Global Infrastructure Security – including physical datacenters and networking

  • Isolation on Physical Hosts – EC2 instances are isolated from each other

  • Replacing Faulty Hardware – automatic failure detection and replacement

  • Compliance Validation – AWS ensures infrastructure complies with global standards

You (the customer) are responsible for:

  • Security Group Rules – you define and control firewall behavior

  • Operating System Updates & Patches – keeping your OS secure and current

  • Installed Software & Utilities – managing applications on the EC2 instance

  • IAM Roles & Access Management – assigning permissions and securing identity access

  • Data Security – securing data stored, processed, or transmitted from your instance

Remember: AWS secures the cloud. You secure what you put in the cloud.

EC2 Section – Summary

Let’s wrap up the key takeaways from the EC2 section:

EC2 Instance Basics:

Composed of:

  • AMI (Amazon Machine Image) – defines the OS

  • Instance Size – controls CPU & RAM

  • Storage – EBS or Instance Store

  • Security Groups – control access

  • EC2 User Data – bootstrapping script on first launch

Security & Access:

  • Security Groups: Virtual firewalls attached to EC2 instances

  • EC2 User Data: Automates configuration on first boot

  • SSH (Port 22): Securely access Linux instances

  • EC2 Instance Role: Uses IAM Roles to manage AWS service access securely

Purchasing Options:

  • On-Demand: Pay-as-you-go

  • Spot Instances: Cheapest, but can be terminated

  • Reserved Instances: Long-term savings (Standard or Convertible)

  • Dedicated Host: Physical server just for you

  • Dedicated Instance: No hardware sharing with other customers
